Re: Business Continuity Plan

Subject: Re: Business Continuity Plan
From: Andrew Plato <gilliankitty -at- yahoo -dot- com>
To: "TECHWR-L" <techwr-l -at- lists -dot- techwr-l -dot- com>
Date: Tue, 12 Oct 2004 11:27:05 -0700 (PDT)



"Erika Yanovich" <ERIKA_y -at- rad -dot- com> wrote in message news:252622 -at- techwr-l -dot- -dot- -dot-

> Hi there,
> Our CEO suggested that I help creating such a document (requested by some of
our
> clients). Before meeting the relevant VP, I googled it and was amazed by the
wealth of
> information regarding such plans and their complexity. My question is: did
anyone out
> there participate in such a project and if yes, on what level:
> - helping with the writing
> - part of the project team
> - leading the project.

My company writes these for others as a business. Its part of numerous security
projects.

Business Continunity Plans (BCPs) are very difficult to write. They demand an
intimate and comprhensive understanding of the business, its risks, and its
tolerances to failure. It requires extensive training in risk management,
information security, and business governance to write a successful BCP.
Typically, technical writers assist in such projects, they don't lead them. A
security or business auditor should lead such a project.

Ideally, your company needs should conduct a full security assessment that
includes a business continuity and gap analysis. From that, you can outline the
risks and tolerances for your organization. Then you'll be ready to write a BCP
based on the findings of your security assessment.

Eric is right, BCP work can be very fun. But if you have never done one, you
should seriously consider contracting somebody who has experience doing them.
Just running around and documenting paranoia "how many backups do we have"
"what happens if a tornado hits the building" is not a BCP. A BCP is a
corporate governance document that needs to address fundamental business,
financial, and personnell issues. The paranoid stuff is merely a fraction of
what a BCP contains.

There are some good templates out there that can serve as a framework. I'd look
into ISACA (http://www.isaca.org/). Good group. They are mostly focused on IT
governance and auditing work. Technically a BCP crosses the IT boundary into
business and finance issues.

If you're CEO is asking for one just to placate clients, then you can throw one
of these together. It might not be useful, but if that's the goal of the BCP,
it will work.

Good luck

Andrew Plato



_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

ROBOHELP X5: Featuring Word 2003 support, Content Management, Multi-Author
support, PDF and XML support and much more!
TRY IT TODAY at http://www.macromedia.com/go/techwrl

WEBWORKS FINALDRAFT: New! Document review system for Word and FrameMaker
authors. Automatic browser-based drafts with unlimited reviewers. Full
online discussions -- no Web server needed! http://www.webworks.com/techwr-l

---
You are currently subscribed to techwr-l as:
archiver -at- techwr-l -dot- com
To unsubscribe send a blank email to leave-techwr-l-obscured -at- lists -dot- techwr-l -dot- com
Send administrative questions to lisa -at- techwr-l -dot- com -dot- Visit
http://www.techwr-l.com/techwhirl/ for more resources and info.



Previous by Author: RE: (inter)National Novel Writing Month
Next by Author: Re: Blogging software-your opinions
Previous by Thread: RE: Business Continuity Plan
Next by Thread: RE: Business Continuity Plan


What this post helpful? Share it with friends and colleagues:


Sponsored Ads